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This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

1 . (Currently Amended) A method of creating generating a computer program 
storable on a computer-readable medium, said method comprising the acts of: 

identifying a set of actions that are performed in the course of using a cryptographic 
algorithm to apply a cryptographic key to first data; 

generating a first set of computer-executable instructions which includes instructions 
to perform said set of actions; and 

including said first set of computer-executable instructions in said computer program, 
wherein said computer program is operable to perform said set of actions independent of a 
whole and any part of said cryptographic key and without exposing or accessing any part of 
the cryptographic key . 

2. (Original) The method of claim 1, wherein said cryptographic algorithm is a 
public/private-key algorithm. 

3. (Original) The method of claim 2, wherein said cryptographic key is the 
private key of an asymmetric key pair. 

4. (Original) The method of claim 1, further comprising the act of receiving 
second data which in some way identifies or relates to a computing device on which said 
computer program runs, and wherein said first set of computer-executable instructions is 
based on said second data. 

5. (Original) The method of claim 4, wherein said second data comprises or is 
based on one or more of the following: a CPUID associated with a processor of said 
computing device; a serial number associated with said processor; and third data which 
identifies a hard disk associated with said computing device, said third data being assigned to 
said hard disk by a manufacturer or distributor of said hard disk. 



Page 2 of 18 



DOCKET NO.: MSFT-0188 
Application No.: 09/604,174 
Office Action Dated: March 17, 2008 



PATENT 

REPLY FILED PURSUANT TO 
37 CFR§ 1.116 



6. (Previously Presented) The method of claim 4, wherein said first set of 
computer-executable instructions comprises one or more instructions which depend for their 
correct execution on retrieval, during execution, of said second data. 

7. (Original) The method of claim 1, further comprising the act of randomly or 
pseudo-randomly generating a number, wherein said first set of computer-executable 
instructions is based on said number. 

8. (Original) The method of claim 1, further comprising the acts of: 
generating a diversionary second set of computer-executable instructions which 

perform one or more second actions; and 

including said second set of computer-executable instructions in said computer 
program. 

9. (Original) The method of claim 8, further comprising the act of retrieving said 
diversionary second set of computer-executable instructions from a database of stored code. 

10. (Original) The method of claim 8, wherein said computer program does not 
rely on performance of said second actions to apply said cryptographic key to said first data. 

11. (Original) The method of claim 1, further comprising the act of generating a 
second set of computer-executable instructions which detects modification or deletion of at 
least a portion of code contained in said computer program, and which restores said portion if 
said portion has been deleted or modified. 

12. (Original) The method of claim 1, further comprising the act of reorganizing 
at least some code contained in said computer program. 

13. (Original) The method of claim 1, further comprising the acts of: 

delimiting a segment of at least some code contained in said computer program; 

obtaining a first hash of the code inside the delimited segment; 

including said first hash of the delimited segment within said computer program; 
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creating a second set of computer-executable instructions which obtains a second hash 
of the delimited segment and which compares said second hash with said first hash; and 

including said second set of computer-executable instructions in said computer 
program. 

14. (Original) The method of claim 1, further comprising the acts of: 
encrypting at least a portion of said first set of computer-executable instructions; and 
creating a second set of computer-executable instructions which decrypts said portion. 

15. (Original) The method of claim 1, wherein said act of creating said first set of 
computer-executable instructions comprises the acts of: 

creating instructions in a source-level language; and 
compiling said source-level-language instructions. 

16. (Original) The method of claim 15, further comprising the act of 
postprocessing the compiled instructions after said compiling act, wherein said 
postprocessing act comprises one or more of the following: encrypting at least a portion of 
the compiled instructions, and hashing at least a portion of the compiled instructions. 

17. (Original) The method of claim 1, further comprising the acts of: 
receiving, from a computing device, a request for said computer program via a 

network; and 

providing said computer program to said computer device via said network. 

18. (Original) The method of claim 17, wherein said network comprises the 
Internet. 

19. (Previously Presented) The method of claim 17, wherein said receiving act 
occurs contemporaneously with said providing act. 

20. (Original) The method of claim 1, wherein said generating act comprises 

retrieving instructions from a database of stored code. 
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21 . (Original) A computer-readable medium encoded with a third set of 
computer-executable instructions to perform the method of claim 1 . 

22. (Withdrawn) A method implemented at least in part by a computing device of 
securely decrypting data with a cryptographic key, said method comprising the acts of: 

performing a first set of actions which compute results of applying said cryptographic 
key to said data, said first set of actions not accessing, for their performance, said 
cryptographic key; and 

performing a diversionary second set of actions different from said first set of actions; 

wherein said first and said second sets of actions are implemented by way of a set of 
computer-executable instructions executable on a computing device. 

23. (Withdrawn) The method of claim 22, wherein performance of said first set of 
actions does not depend on performance of said diversionary second set of actions. 

24. (Withdrawn) The method of claim 22, wherein either of said first or second 
sets of actions in some manner relies for its performance on retrieval or derivation from said 
computing device of hardware identification data which identifies or in some way relates to 
hardware associated with said computing device. 

25. (Withdrawn) The method of claim 22, further comprises the acts of: 
detecting a modification or deletion of at least a portion of said set of computer- 
executable instructions; and 

restoring said set of instructions to its state prior to said modification or deletion. 

26. (Withdrawn) The method of claim 22, further comprises the act of decrypting 
at least a portion of said set of computer-executable instructions prior to executing said 
portion. 

27. (Withdrawn) The method of claim 26, further comprising the act of re- 
encrypting said portion subsequent to executing said portion. 
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28. (Withdrawn) The method of claim 22, further comprising the acts of: 
deriving a value based on at least a portion of said set of computer- executable 

instructions; and 

comparing the derived value to a stored value. 

29. (Withdrawn) The method of claim 28, wherein said act of deriving comprises 
the act of hashing said portion. 

30. (Withdrawn) The method of claim 22, further comprising the act of moving at 
least some of said computer-executable instructions to a randomly or pseudo-randomly 
selected memory location on said computing device prior to execution of the moved 
instructions. 

3 1 . (Withdrawn) A computer-readable medium encoded with said set of 
computer-executable instructions to perform the method of claim 22. 

32. (Withdrawn) A method of performing an action on a computing device in a 
manner that is at least partly resistant to modification or analysis, said method comprising the 
acts of: 

executing on said computing device a first set of computer-executable instructions 
storable on a computer-readable medium that implements a sub-action, wherein: 



performance of said action is in at least some way furthered by performance of 
said sub-action; 

said action comprises computing results of applying a cryptographic key to 
first data; and 

said cryptographic key is not accessed in performance of said action; and 



executing on said computing device a second set of computer-executable instructions 
that implements said sub-action, said second set of computer-executable instructions being 
different from said first set of computer-executable instructions. 



33. 



(Canceled) 
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34. (Withdrawn) The method of claim 33, wherein said action comprises using 
said cryptographic key to decrypt said first data. 

35. (Withdrawn) The method of claim 33, wherein said action comprises using 
said cryptographic key to authenticate said first data. 

36. (Withdrawn) The method of claim 32, further comprising the act of executing 
a diversionary third set of computer-executable instructions different from said first and 
second sets of computer-executable instructions. 

37. (Withdrawn) The method of claim 36, wherein neither said first or second sets 
of computer-executable instructions relies for its correct performance on said diversionary 
third set of computer-executable instructions. 

38. (Withdrawn) The method of claim 32, further comprising the acts of: 
detecting a modification or deletion of at least a portion of said first or second sets of 

computer-executable instructions; and 

restoring the modified or deleted instructions to their state prior to said modification 
or deletion. 

39. (Withdrawn) The method of claim 32, further comprises the act of decrypting 
at least a portion of said first or second sets of computer-executable instructions prior to 
executing said portion. 

40. (Withdrawn) The method of claim 39, further comprising the act of 
encrypting said portion subsequent to executing said portion. 

41. (Withdrawn) The method of claim 32, further comprising the acts of 
deriving a value based on at least a portion of said first or second sets of computer- 
executable instructions; and 

comparing the derived value to a stored value. 
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42. (Withdrawn) The method of claim 41, wherein said act of deriving comprises 
the act of hashing said portion. 

43. (Withdrawn) The method of claim 32, further comprising the act of moving at 
least some of said first or second set of computer-executable instructions to a randomly or 
pseudo-randomly selected memory location prior to their execution on said computing 
device. 

44. (Withdrawn) A computer-readable medium encoded with computer- 
executable instructions to perform the method of claim 32. 

45. (Withdrawn) A method of creating a computer program storable on a 
computer-readable medium that is at least partly resistant to modification or analysis wherein 
said computer program performs a first action on at least two different occasions, said 
method comprising the acts of: 

creating a first set of computer-executable instructions which performs said first 
action, wherein; 

said first action comprises computing results of applying a cryptographic key 
to first data; and 

said cryptographic key is not accessed in performance of said first action; 
including said first set of computer-executable instructions at a first location in said 
computer program; 

creating a second set of computer-executable instructions which performs said first 
action, said second set of computer-executable instructions being at least in part different 
from said first set of computer-executable instructions; and 

including said second set of computer-executable instructions at a second location in 
said computer program. 

46. (Withdrawn) The method of claim 45, wherein said first location is inline 
with code that requires performance of said action. 
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47. (Canceled) 

48. (Canceled) 

49. (Withdrawn) The method of claim 45, further comprising the act of receiving 
second data which in some way identifies or relates to a computing device on which said 
computer program runs, and wherein said first set of computer-executable instructions is 
based on said second data. 

50. (Withdrawn) The method of claim 45, further comprising the act of randomly 
or pseudo-randomly generating a number, wherein said first set of computer-executable 
instructions is based on said number. 

5 1 . (Withdrawn) The method of claim 45, further comprising the acts of: 
creating a diversionary third set of computer-executable instructions; and 
including said diversionary third set of computer-executable instructions in said 

computer program. 

52. (Withdrawn) The method of claim 45, further comprising the act of creating a 
third set of computer-executable instructions which detects modification or deletion of at 
least a portion of said computer program, and which restores said portion to its state prior to 
modification or deletion. 

53. (Withdrawn) The method of claim 45, further comprising the act of 
reorganizing said first or second sets computer-executable instructions or a combination 
thereof. 

54. (Withdrawn) The method of claim 45, further comprising the acts of: 
delimiting a segment of said computer program; 

obtaining a first hash of the code inside the delimited segment; 

including said first hash of the delimited segment within said computer program; and 
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creating a third set of computer-executable instructions which obtains a second hash 
of the delimited segment and which compares said second hash with said first hash. 

55. (Withdrawn) The method of claim 45, further comprising the acts of: 
encrypting at least some instructions in said computer program; and 

creating a third set of computer-executable instructions which decrypts said encrypted 
instructions prior to their execution. 

56. (Withdrawn) The method of claim 45, wherein said act of creating said first 
set of computer-executable instructions comprises: 

creating instructions in a source-level language; and 
compiling said source-level-language instructions. 

57. (Withdrawn) The method of claim 56, further comprising the act of 
postprocessing the compiled instructions, wherein said postprocessing act comprises one or 
more of the following: encrypting at least a portion of the compiled instructions, and hashing 
at least a portion of the compiled instructions. 

58. (Withdrawn) The method of claim 45, further comprising the acts of: 
receiving, from a computing device, a request for said computer program via a 

network; and 

providing said computer program to said computer device via said network; 

59. (Withdrawn) The method of claim 58, wherein said network comprises the 
Internet. 

60. (Withdrawn) The method of claim 58, wherein said receiving act occurs 
contemporaneously with said providing act. 

61 . (Withdrawn) The method of claim 45, further comprising the act of retrieving 
instructions from a database of stored code to be included in said computer program. 
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62. (Withdrawn) A computer-readable medium encoded with a third set of 
computer-executable instructions to perform the method of claim 45. 

63. (Withdrawn) A method of creating a computer program storable on a 
computer-readable medium that is at least partly resistant to modification or analysis, said 
method comprising the acts of: 

creating a first set of computer-executable instructions; and 

creating a second set of computer-executable instructions which detects modification 
or deletion of at least a portion of said first set of computer- executable instructions and which 
restores said at least a portion if said at least a portion has been deleted or modified. 

64. (Withdrawn) The method of claim 63, wherein said second set of computer- 
executable instructions perform a process comprising the acts of: 

hashing at least a portion of the instructions in said computer program; and 
comparing the result of said hashing act with a stored value. 

65. (Withdrawn) The method of claim 63, further comprising the act of receiving 
first data which in some way identifies or relates to a computing device on which said 
computer program runs, and wherein said first or second set of computer-executable 
instructions is based on said first data. 

66. (Withdrawn) The method of claim 63, further comprising the act of randomly 
or pseudo-randomly generating a number, wherein said first or second set of computer- 
executable instructions is based on said number. 

67. (Withdrawn) The method of claim 63, further comprising the act of creating a 
diversionary third set of computer-executable instructions which perform one or more 
actions. 
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68. (Withdrawn) The method of claim 67, wherein said first and said second sets 
of computer-executable instructions do not rely for their correct execution on said 
diversionary third set of computer-executable instructions. 

69. (Withdrawn) The method of claim 63, further comprising the acts of: 
creating instructions in a source-level language; and 

compiling the source-level-language instructions to produce said computer program. 

70. (Withdrawn) The method of claim 63, further comprising the acts of: 
encrypting at least some instructions in said computer program; and 

creating a third set of computer-executable instructions which decrypts said encrypted 
instructions prior to their execution. 

7 1 . (Withdrawn) A computer readable medium comprising: 
a first set of computer-executable instructions; and 

a second set of computer-executable instructions which uses error-correction 
techniques to detect variations of said first set of computer-executable instructions from a 
reference state, and to restore said first set of computer-executable to said reference state. 

72. (Withdrawn) The computer-readable medium of claim 71, wherein said 
reference state comprises the state of said first set of computer-executable instructions 
immediately after said computer-executable instructions are loaded into memory for 
execution. 

73. (Withdrawn) The computer-readable medium of claim 71, wherein first set of 
computer-executable instructions are dynamically modifiable during their execution, and 
wherein said reference state comprises a state of said first set of computer-executable 
instructions at an intermediate point in time during their execution. 
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